CISCO IDS Manager Detection (HTTP)

Detects if CISCO IDS Manager is running on a given host and port. The IDS Device Manager is a web-based Java application that resides on the sensor and is accessed via a secure, encrypted TLS link using standard Netscape and Internet Explorer web browsers to perform various management and...

RedHat Security Advisory RHSA-2008:0002

The remote host is missing updates announced in advisory RHSA-2008:0002. OpenVAS Vulnerability Test $Id: RHSA20080002.nasl 6683 2017-07-12 09:41:57Z cfischer $ Description: Auto-generated from advisory RHSA-2008:0002 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Online Grades And Attendance 3.2.6 Blind SQL Injection

!/usr/bin/perl || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ 'cc' Blind SQLi EXPLOIT | |--------------------------------------------------------------------------------------------| | | Online Grades & Attendance v-3.2.6 | |...

Online Grades And Attendance 3.2.6 SQL Injection

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ WEB: http://www.onlinegrades.org/ | |--DOWNLOAD: http://www.onlinegrades.org/ | |--DE...

Online Grades & Attendance 3.2.6 Multiple Local File Inclusion Vulns

Exploit for unknown platform in category web applications ==================================================================== Online Grades & Attendance 3.2.6 Multiple Local File Inclusion Vulns ====================================================================...

Online Grades Attendance 3.2.6 - Blind SQL Injection

Online Grades Attendance 3.2.6 - Blind SQL Injection !/usr/bin/perl || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...

Online Grades & Attendance 3.2.6 Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ Online Grades & Attendance 3.2.6 Blind SQL Injection Exploit ============================================================ !/usr/bin/perl...

Online Grades & Attendance 3.2.6 - Multiple Local File Inclusions

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | MULTIPLE LOC...

Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit

Exploit for unknown platform in category web applications ================================================================ Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit ================================================================ !/usr/bin/perl...

Online Grades & Attendance 3.2.6 Multiple SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================= Online Grades & Attendance 3.2.6 Multiple SQL Injection Vulnerabilities =======================================================================...

MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -->

---------------------------------------------------------------------------------- MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -- ---------------------------------------------------------------------------------- CMS INFORMATION: --WEB: http://www.onlinegrades.org...

Online Grades & Attendance 3.2.6 - Credentials Changer SQL

!/usr/bin/perl || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------...

Online Grades & Attendance 3.2.6 - Multiple SQL Injections

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | MULTIPLE SQL...

TinyWebGallery lang Parameter Local File Inclusion

The remote host is running TinyWebGallery, a web-based photo gallery application written in PHP. The version of TinyWebGallery installed on the remote host fails to filter user-supplied input to the 'lang' parameter of the 'admin/include/init.php' script before using it to include PHP code...

Coppermine Photo Gallery 'lang' Cookie参数本地文件包含漏洞

Bugraq ID: 30480 CNCAN ID：CNCAN-2009052002 Coppermine Photo Gallery是一款基于WEB的图库程序。 Coppermine Photo Gallery不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 在用于包含文件钱传递给"GLOBALSUSERlang"的参数不正确过滤，可导致提交特殊请求以WEB权限查看系统文件内容。 Coppermine Photo Gallery 1.4.22 Coppermine Photo Gallery 1.4.21 Coppermine Photo Gallery...

IT staffs pressured to relax Web security

From SearchSecurity.com Rob Westervelt IT managers are under pressure from the top executives in their organizations to relax their policies on Web security in order to make users more productive. A new survey of more than 1,000 IT managers found that sales and marketing personnel also are leanin...

Dog Pedigree Online Database 1.0.1b Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...

JVN#02331156 HP System Management Homepage vulnerable to cross-site scripting

HP System Management Homepage SMH from Hewlett-Packard is a web-based interface that can manage HP servers. SMH contains a cross-site scripting vulnerability. This vulnerability is different from JVN19240523. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the...

AjaxTerm ajaxterm.js会话劫持漏洞

BUGTRAQ ID: 34903 Ajaxterm是用python编写的基于web的开源终端。 AjaxTerm的ajaxterm.js脚本使用以下方式在客户端上分配会话id： var sid=""+Math.roundMath.random1000000000; 结合round使用的javascript随机函数没有为特定的会话id提供充足的熵，因此攻击者可以暴力猜测可能的id值并附加上已有的连接。此外由于在执行暴力猜测时还可能耗尽所有可用的会话id，利用这个漏洞还可能导致拒绝服务。 Antony Lesuisse AjaxTerm 0.10 Antony Lesuisse...

A-A-S Application Access Server Detection

A-A-S Application Access Server, a web-based tool for remotely managing a Windows host, is running on this port according to its banner. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid38760; scriptversion"1.8"; scriptnameenglish:"A-A-S Application Access Server...